GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
eb2a013905f5f2a0cbf7bcc1d20c85a50065063ee87bd33b496c4e19815e3498Asterisk Project Security Advisory - The overlap dialing feature in chan_sip allows chan_sip to report to a device that the number that has been dialed is incomplete and more digits are required. If this functionality is used with a device that has performed username/password authentication RTP resources are leaked. This occurs because the code fails to release the old RTP resources before allocating new ones in this scenario. If all resources are used then RTP port exhaustion will occur and no RTP sessions are able to be set up.
97fcad4b2cc395997d99694e3df652f77ddb75c1bf9f3258efb47206a678a1c1Asterisk Project Security Advisory - Asterisk can be crashed remotely by sending an ACK to it from an endpoint username that Asterisk does not recognize. Most SIP request types result in an "artificial" endpoint being looked up, but ACKs bypass this lookup. The resulting NULL pointer results in a crash when attempting to determine if ACLs should be applied. This issue was introduced in the Asterisk 13.10 release and only affects that release.
4fed701bc3c34b63cb35edd8fe1f32e85f372f14481d360d07df779759acb717WordPress version 4.5.3 suffers from a cross site scripting vulnerability when an uploaded image filename has a malicious payload inserted.
6c769e43df4a37ca6174acc074f7d745829325d0add7f2fe561108492c4e03bfTinycrypt.asm is a training ransomware virus that is fully configurable to your needs but it is designed to be very controllable. It was designed to be used with the PoShFoTo incident response toolkit.
d69c41d85e494c771d84d2ee2805586148307dc2162ea290443e61ae27b7d432PHPHolidays CMS version 3.00.50 suffers from a cross site scripting vulnerability.
ec3150133f0f3b07a8098ae053fa6b285663542a7f84a2709a421d958f690b36Samsung SystemUI fimg2d driver suffers from a null pointer dereference vulnerability.
5078f08a5818485da8db3f5b0d45965d8daf96f6c90003d8eae14f1610f7bba2WordPress Cubed theme version 1.2 suffers from cross site request forgery and remote file upload vulnerabilities.
86f2497e0367824c9dd5a4049146dd41c477072edc56fbc5c5d715ba511da942Airmail versions 3.0.2 and below suffer from a cross site scripting vulnerability.
e837c607d6a7d9ebf722d675a20cd3638b87cf0db5ed41e550b667a54bd2dd95Ubuntu Security Notice 3074-1 - It was discovered that File Roller incorrectly handled symlinks. If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory.
5b948c8a578f9cfe916b5e9781f7cd37efb94cb056ba0861e207ea91418563c9Picosmos Shows version 1.6.0 suffers from a stack overflow vulnerability.
42eb81f441816bae9b04734a8a89a41969976f78b42c703a66436a1024c488d8WhatsApp suffers from a DLL hijacking vulnerability.
5edfc503a7aaa97cdd3ee4b9e0a61279e5db0110de4e6e57333a56e62653ad04HDWiKi version 4.0.4 suffers from a cross site scripting vulnerability.
7ee4f7159ea6f9c295aed5b1e75da8f3047ad897c2a34dccf73702d0608a0822BugNET version 1.6.315.0 suffers from a cross site scripting vulnerability.
3bcb9c96eea1adda6065d3a66df78bb9b326405e72cfa98dec8654cd4cd948d2WinSCP version 5.9.1 suffers from a DLL hijacking vulnerability.
2c331eb656448f5bc8c1847da248cc26185834f1c02580a4b12031193f2198d4OoVoo version 3.7.1 suffers from a DLL hijacking vulnerability.
d4e01ddd8f90c9a3711633817c0164f1245d6e3664f1779e2da00e8226a3bc9c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed